Wednesday, March 27, 2013

Kali Linux : Complete Review by A Pen Tester : Backtrack 6 Release

Article Updated!

Since I posted this article, it has consistently been getting thousands of hits daily and seems to be one of the top listed Kali Linux review articles in Google Search. So I decided to make it better and more thorough. Please leave comments and suggestions.

I have worked on Backtrack since Backtrack 3 was released. Then I worked on Backtrack 4 and then 5. I was using Backtrack 5 R3 in the last few months... until it finally happened. Kali Linux was released.

Kali Linux is a penetration testing and security
auditing Linux distribution. Since its release in March 2013, Kali Linux has
quickly become the new favorite among PenTesters worldwide as their choice for
the PenTesting OS. Replacing its predecessor Backtrack, Kali incorporates
several new features and looks quite promising. It is available for i386 and
amd64 architectures and has the same minimum hardware requirements as Backtrack:
1 GHz CPU, 8 GB of hard disk space, 300 MB RAM, and a DVD-writer or the ability
to boot from a pen drive.

A Little History

To be very concise, Kali is an offshoot of Backtrack, which is
an offshoot of ‘Whax’, which is itself an offshoot of ‘Whoppix’, which is
derived from ‘Knoppix’. Something common among all of these distros is that
they were focused on Digital Forensics and Intrusion Detection, with Backtrack
and Kali adding a whole lot of tools for PenTesting purposes. Backtrack has been “giving machine guns to
monkeys since 2007”, so it has had a long reign as the favorite distro of
PenTesters worldwide. ‘Offensive-Security’, the creators of Backtrack, decided
to incorporate many changes in the new Backtrack 6 (as it was called at that time).
Since it was built from scratch, it was significantly different from the older
versions of Backtrack, and Offensive-Security decided to give a new name to the
distro – ‘Kali Linux’.

What was wrong with Backtrack and why did it need a change?

We all love Backtrack, but the bottom line is that there are a
lot of problems associated with this distro. The most annoying problem is
‘updating’. There was always a fear of ‘breaking’ something if you updated it.
There were too many tools and some of them weren’t updated as frequently as the
others. So updating the ‘dependencies’ of some would cause others to crash, and
we struggled to maintain a balance where all these tools and their dependencies
would co-exist without getting in each other’s way.

When we wanted to use a tool, we needed to type its absolute
path in the shell.

For example: /pentest/passwords/john/john "file_name"

Remembering the locations of the tools was a pain and it
just made things complicated.

In addition, Backtrack had a lot of ‘puny’ errors which
crept up here and there while we were working, small issues that we had to
resolve on our own or run to Backtrack forums and get help from other
Pentesters there.

For example, the ‘wicd d-bus error’ that was ready to greet
us when we installed a fresh copy of BT5 and tried to connect to a network. Backtrack
forums (and other websites) are filled with ‘how-to posts’ that attempt to
provide solutions to such problems. Eventually we learned to get around these
issues, but it did waste a lot of our time.

What makes Kali different from Backtrack 5?

This is the most asked question about Kali today. Offensive Security has tried to answer it on
their website: “Unfortunately for us,
that’s not a simple question to answer. It’s a mix between ‘everything’ and
‘not much’, depending on how you used Backtrack.”

Highlights of the new Kali

Switch From Ubuntu to Debian

Kali Linux is based on Debian (Debian Wheezy). This turned out to be a great
move by Offensive-Security. The new Kali is much more comfortable to use than
its predecessor.

File Hierarchy Standard Compliance

In the words of ‘MUTS’ from Offensive Security, “What this means is that instead of having
to navigate through the /pentest tree, you will be able to call any tool from
anywhere on the system as every application is included in the system path.” This
is again a very welcome change in Kali.

Customizations of Kali ISOs

If need be, we can now build our own customizations of Kali
Linux. These ISOs can be bootstrapped directly from the repositories maintained
by Offensive Security.

Packages on Kali can be updated with ease without worrying
about ‘breaking’ something. This is because the packages in the Kali
repositories are ‘Debian Compliant’. The Kali distribution itself can be
upgraded to a newer version without the need for re-installing the distro.

300+ PenTesting Tools

This is quite a large collection and chances are that we
won’t be needing all of them and we might be needing some that are not included
by default. However, packages can always be grabbed from the repositories at will,
so that’s never a problem.

What is this ‘Forensics Mode’?

Figure 2: Kali Linux Boot Menu

While booting up Kali Linux, an option exists for ‘Live
Forensic Mode’ (Figure 2). This is quite a useful feature if we want to do some
real world forensic work. When in Forensics Mode, the internal hard disk is
not touched in any manner. The people at Offensive Security performed a hash comparison test
where hashes were taken of the hard drive before and after using Kali in
forensics mode. At the end of the test, the hashes matched, suggesting that no
changes were made during the operation. Also worth noticing is that the auto
mount of removable media is disabled while in Forensics mode.
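
The before/after hash comparison described above can be reproduced as follows. This is an added example, not code from the original article or from Offensive Security; the function names are hypothetical and a constructed 4 MiB image file stands in for the internal hard disk. It goes slightly beyond the test in the text by also hashing 1 MiB chunks, so that a mismatch can be localized.

```shell
#!/bin/sh
# Added example, not from the original article.
# A constructed 4 MiB image file stands in for the internal disk
# (on real hardware the target would be the disk's block device).

# SHA-256 of the whole target.
disk_hash() { sha256sum "$1" | cut -d' ' -f1; }

# One "index hash" line per 1 MiB chunk, so a mismatch can be localized.
# $1 = target, $2 = number of chunks. Runs in a subshell to keep $i local.
chunk_hashes() (
    i=0
    while [ "$i" -lt "$2" ]; do
        echo "$i $(dd if="$1" bs=1048576 skip="$i" count=1 2>/dev/null |
            sha256sum | cut -d' ' -f1)"
        i=$((i + 1))
    done
)

# Succeeds only if the target still hashes to the recorded value.
verify_unchanged() { [ "$(disk_hash "$1")" = "$2" ]; }

# Print the indices of chunks whose hash differs between two manifests.
changed_chunks() {
    awk 'NR == FNR { a[$1] = $2; next } a[$1] != $2 { print $1 }' "$1" "$2"
}

# --- demo on constructed data ---
img=$(mktemp)
dd if=/dev/zero of="$img" bs=1048576 count=4 2>/dev/null
before=$(disk_hash "$img")
chunk_hashes "$img" 4 > "$img.before"

# Read-only session: nothing is written, so the hashes must match.
verify_unchanged "$img" "$before" && echo "PASS: disk unchanged"

# Simulate one stray byte written at offset 2.5 MiB (constructed change).
printf 'X' | dd of="$img" bs=1 seek=2621440 conv=notrunc 2>/dev/null
chunk_hashes "$img" 4 > "$img.after"
verify_unchanged "$img" "$before" ||
    echo "FAIL: disk modified in chunk(s): $(changed_chunks "$img.before" "$img.after")"

rm -f "$img" "$img.before" "$img.after"
```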

Metasploit Framework in Kali

Figure 3: Metasploit Framework in Kali

The discussion on Kali (or Backtrack for that matter) would
be incomplete without a mention of how well the Metasploit Framework is
integrated with this distro. While ‘msfconsole’ brings it up, ‘msfupdate’ can
update the Metasploit Framework. Like in Backtrack, PostgreSQL is used to store
the database.

The guys from Offensive Security and Rapid7 (the people behind
the Metasploit project) co-operated to pre-load Kali Linux with msfpro (the
professional web-service version of the Metasploit Framework). Metasploit in Kali
has full tech support from Rapid7.

Tools in Kali Linux

Figure 4: The Top 10 Security Tools in Kali

Tools are mostly the same as those found in Backtrack.
However, in the Kali Linux menu, 10 Security tools have been highlighted as the
Top 10 (Figure 4). Anyone who has worked on BT would have no trouble guessing
which tools would be available on Kali and which need to be grabbed from the
repositories. More than 300 tools come packaged with Kali which are enough to
serve the needs of most PenTests. The Top 10 tools in Kali Linux are mentioned
below:

One had to bring up the Graphical Interface manually by
typing ‘startx’ in Backtrack. However, Kali loads up the Graphical User
Interface by default.

The Kali Linux environment is much cleaner and appears more stable than Backtrack 5.

The Nessus Vulnerability scanner is not installed in Kali by
default (as it was in Backtrack 5). You would have to install it manually from
the Debian package.

Kali comes with a Graphical Packages installer which can be
used to install new packages with the click of the mouse. It can be brought up by
typing the command: gpk-application

Figure 5: Graphical Package Installer in Kali

In Backtrack, several PenTesters faced issues in getting
their Bluetooth up and running. The Backtrack forums are filled with people
troubleshooting their Bluetooth devices. In Kali Linux no such problem was
noticed and the Bluetooth works fine.

Firefox is replaced by Iceweasel, which doesn’t matter much
as they are both similar. However, the Iceweasel browser in Kali doesn’t come
pre-loaded with plug-ins like ‘no-script’ as Firefox did in Backtrack. Iceweasel
comes clean.

Small issues like inability to control your backlight in Backtrack
have been fixed in Kali Linux. So you would have a smoother working
environment.

Summary

Kali Linux definitely turned out to be everything that a
Penetration Tester would want from a Linux distro. It does have room for
improvements though and the developers are working on it constantly to make it
better. It addresses the problems Backtrack 5 had and it is significantly
different from its predecessor, yet any PenTester who was comfortable using Backtrack
5 would find his way around in Kali Linux with ease. The default login in Kali
Linux is in ‘root’ mode, so it is not the everyday desktop OS and is not
recommended for those new to ‘Linux’. However it fits the Penetration Testing
needs perfectly.

Here's the Original Article Content, Before I Updated it:

But the most obvious is the shift from Ubuntu to Debian (which is a great move in my opinion). You'll immediately feel the difference in the looks and feel of the new Kali Linux.

There are no puny errors like "Error connecting to wicd's D-bus bla bla" when you try to fire up Wicd in Backtrack 5. Kali Linux is much cleaner in this respect than Backtrack 5.

I feel Kali Linux is more stable than Backtrack 5. However, my Kali has hung up on a few occasions, but I'm guessing that's because of some crappy package I installed because I keep trying out new packages on Kali.

In Kali, there's no /pentest directory like in Backtrack 5. Personally, I don't miss it and neither should you, because now you can fire up any tool just by typing its name in the shell.

They have removed Nessus Vulnerability Scanner in Kali; you can manually install it by downloading it from Tenable. However, I don't understand why they removed it from default tools in Kali, because I really liked scanning for vulnerabilities in Nessus. Maybe because Nessus itself has security bugs??

Kali Linux is smaller in size than Backtrack 5 (which was around 3 GB if I remember correctly). Kali's ISO is just 2 GB in size.

Bluetooth works great on Kali Linux. I don't know about you, but I faced a lot of trouble getting my bluetooth up in Backtrack 5 r3, really frustrating. But in Kali Linux, bluetooth works fine with a click of a mouse, which helps me pen test bluetooth devices with ease now.

VLC Player comes pre-installed with Kali Linux. This was not the case with Backtrack 5 where you had to manually install it and then it gave you an error saying "Won't run in root mode" and then you had to hex-edit the VLC binary. In Kali VLC is pre-installed (however I did notice some lag problems in VLC in Kali).

Firefox has been replaced by Iceweasel which is again a good move. They are both given by Mozilla and very similar. However, while Firefox in Backtrack comes with 'noscript' and such add-ons for security, Iceweasel in Kali comes clean.

That irritating light pdf viewer in Backtrack has been replaced by 'Document Viewer'.

No 'gedit' in Kali; instead you can use 'Leafpad'.

In Backtrack, there wasn't a way to control your back-light. I remember searching for a way to control back-light but not finding it. It was set to Max by default. Very tiring for the eyes. No such problem in Kali Linux.

That's all for now, I'll keep updating as I notice more.

(I didn't go deep into 'Tools' much since they are mostly similar and if there's anything missing, you can always install it from repositories)

Hey, I've got a question about aircrack, especially airbase-ng. I had no problem setting up airbase-ng and letting my iPhone or PC connect to the fake AP. But now with Kali Linux I receive: Not able to connect to AP... I don't know how to solve this problem.... I tried to set up dhcp but without success.

Great article. People complaining about the Ubuntu to Debian move (like above) really have no idea what they're talking about, they have a lot in common. I like the Debian switch, doesn't attach itself to the 'main stream' and will (hopefully) get the wannabes from flooding message boards as to where things are or how to 'h4X0r' a Facebook account.

Hello my friends! I found Kali yesterday. I am running Ubuntu right now and want to switch to Kali. Is there any software like Wubi (I use this to install Ubuntu inside Windows XP) to help me install Kali inside Windows XP? Thank you. Marin Kusev, Bulgaria

I have to admit, Kali is fantastic, but I miss poor old BackTrack. It was like the kid who always got picked last for everything, tended to trip up over his own laces and occasionally got caught sniffing the glue, but had a mean tennis backhand, could slam dunk the sh*t outta basketball and could score a free-kick from his own goal line over and over ...

I know fasttrack is part of setoolkit now, but options like sqlpwnage are missing and some of the other options seem broken. fasttrack seems unusable in Kali except maybe to get a Windows shell. No meterpreter love :(

Disclaimer!

The contents of this blog detail experiments done on my personal devices, systems, and local networks. The information provided here is for educational purposes only. Illicit hacking is strongly discouraged.